From 65a397fdc7077c8cf60ba08895d784f5c751e789 Mon Sep 17 00:00:00 2001 From: yuli <> Date: Fri, 16 Jul 2021 15:10:53 +0300 Subject: [PATCH] rename address identity --- src/agreements_api.go | 78 +++++++++++++++++++-------------------- src/audit_db.go | 8 ++-- src/bunker.go | 34 ++++++++--------- src/consent_test.go | 16 ++++---- src/email.go | 4 +- src/expiration_api.go | 52 +++++++++++++------------- src/lbasis_api.go | 2 +- src/notify.go | 28 +++++++------- src/requests_api.go | 12 +++--- src/sessions_api.go | 24 ++++++------ src/sessions_test.go | 4 +- src/sharedrecords_test.go | 4 +- src/sms.go | 12 +++--- src/users_api.go | 59 +++++++++++++++-------------- src/utils_test.go | 8 ++-- src/xtokens_test.go | 8 ++-- 16 files changed, 176 insertions(+), 177 deletions(-) diff --git a/src/agreements_api.go b/src/agreements_api.go index edd65e8..2ecdf51 100644 --- a/src/agreements_api.go +++ b/src/agreements_api.go @@ -10,10 +10,10 @@ import ( ) func (e mainEnv) agreementAccept(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { - address := ps.ByName("address") + identity := ps.ByName("identity") brief := ps.ByName("brief") mode := ps.ByName("mode") - event := audit("agreement accept for "+brief, address, mode, address) + event := audit("agreement accept for "+brief, identity, mode, identity) defer func() { event.submit(e.db) }() if validateMode(mode) == false { returnError(w, r, "bad mode", 405, nil, event) @@ -35,10 +35,10 @@ func (e mainEnv) agreementAccept(w http.ResponseWriter, r *http.Request, ps http } userTOKEN := "" if mode == "token" { - if enforceUUID(w, address, event) == false { + if enforceUUID(w, identity, event) == false { return } - userBson, err := e.db.lookupUserRecord(address) + userBson, err := e.db.lookupUserRecord(identity) if err != nil || userBson == nil { returnError(w, r, "internal error", 405, err, event) return @@ -46,9 +46,9 @@ func (e mainEnv) agreementAccept(w http.ResponseWriter, r *http.Request, ps http if e.enforceAuth(w, r, event) == "" { return } - userTOKEN = address + userTOKEN = identity } else { - userBson, err := e.db.lookupUserRecordByIndex(mode, address, e.conf) + userBson, err := e.db.lookupUserRecordByIndex(mode, identity, e.conf) if err != nil { returnError(w, r, "internal error", 405, err, event) return @@ -99,12 +99,12 @@ func (e mainEnv) agreementAccept(w http.ResponseWriter, r *http.Request, ps http } switch mode { case "email": - address = normalizeEmail(address) + identity = normalizeEmail(identity) case "phone": - address = normalizePhone(address, e.conf.Sms.DefaultCountry) + identity = normalizePhone(identity, e.conf.Sms.DefaultCountry) } fmt.Printf("Processing agreement, status: %s\n", status) - e.db.acceptAgreement(userTOKEN, mode, address, brief, status, agreementmethod, + e.db.acceptAgreement(userTOKEN, mode, identity, brief, status, agreementmethod, referencecode, lastmodifiedby, starttime, expiration) /* notifyURL := e.conf.Notification.NotificationURL @@ -113,7 +113,7 @@ func (e mainEnv) agreementAccept(w http.ResponseWriter, r *http.Request, ps http if len(userTOKEN) > 0 { notifyConsentChange(notifyURL, brief, status, "token", userTOKEN) } else { - notifyConsentChange(notifyURL, brief, status, mode, address) + notifyConsentChange(notifyURL, brief, status, mode, identity) } } */ @@ -123,10 +123,10 @@ func (e mainEnv) agreementAccept(w http.ResponseWriter, r *http.Request, ps http } func (e mainEnv) agreementWithdraw(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { - address := ps.ByName("address") + identity := ps.ByName("identity") brief := ps.ByName("brief") mode := ps.ByName("mode") - event := audit("consent withdraw for "+brief, address, mode, address) + event := audit("consent withdraw for "+brief, identity, mode, identity) defer func() { event.submit(e.db) }() if validateMode(mode) == false { @@ -151,10 +151,10 @@ func (e mainEnv) agreementWithdraw(w http.ResponseWriter, r *http.Request, ps ht userTOKEN := "" authResult := "" if mode == "token" { - if enforceUUID(w, address, event) == false { + if enforceUUID(w, identity, event) == false { return } - userBson, _ := e.db.lookupUserRecord(address) + userBson, _ := e.db.lookupUserRecord(identity) if userBson == nil { returnError(w, r, "internal error", 405, nil, event) return @@ -163,10 +163,10 @@ func (e mainEnv) agreementWithdraw(w http.ResponseWriter, r *http.Request, ps ht if authResult == "" { return } - userTOKEN = address + userTOKEN = identity } else { // TODO: decode url in code! - userBson, _ := e.db.lookupUserRecordByIndex(mode, address, e.conf) + userBson, _ := e.db.lookupUserRecordByIndex(mode, identity, e.conf) if userBson != nil { userTOKEN = userBson["token"].(string) event.Record = userTOKEN @@ -218,11 +218,11 @@ func (e mainEnv) agreementWithdraw(w http.ResponseWriter, r *http.Request, ps ht } switch mode { case "email": - address = normalizeEmail(address) + identity = normalizeEmail(identity) case "phone": - address = normalizePhone(address, e.conf.Sms.DefaultCountry) + identity = normalizePhone(identity, e.conf.Sms.DefaultCountry) } - e.db.withdrawAgreement(userTOKEN, brief, mode, address, lastmodifiedby) + e.db.withdrawAgreement(userTOKEN, brief, mode, identity, lastmodifiedby) w.Header().Set("Content-Type", "application/json; charset=utf-8") w.WriteHeader(200) w.Write([]byte(`{"status":"ok"}`)) @@ -230,7 +230,7 @@ func (e mainEnv) agreementWithdraw(w http.ResponseWriter, r *http.Request, ps ht if len(userTOKEN) > 0 { notifyConsentChange(notifyURL, brief, "no", "token", userTOKEN) } else { - notifyConsentChange(notifyURL, brief, "no", mode, address) + notifyConsentChange(notifyURL, brief, "no", mode, identity) } } @@ -261,9 +261,9 @@ func (e mainEnv) agreementRevokeAll(w http.ResponseWriter, r *http.Request, ps h } func (e mainEnv) getUserAgreements(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { - address := ps.ByName("address") + identity := ps.ByName("identity") mode := ps.ByName("mode") - event := audit("privacy agreements for "+mode, address, mode, address) + event := audit("privacy agreements for "+mode, identity, mode, identity) defer func() { event.submit(e.db) }() if validateMode(mode) == false { @@ -273,10 +273,10 @@ func (e mainEnv) getUserAgreements(w http.ResponseWriter, r *http.Request, ps ht userTOKEN := "" if mode == "token" { - if enforceUUID(w, address, event) == false { + if enforceUUID(w, identity, event) == false { return } - userBson, _ := e.db.lookupUserRecord(address) + userBson, _ := e.db.lookupUserRecord(identity) if userBson == nil { returnError(w, r, "internal error", 405, nil, event) return @@ -284,10 +284,10 @@ func (e mainEnv) getUserAgreements(w http.ResponseWriter, r *http.Request, ps ht if e.enforceAuth(w, r, event) == "" { return } - userTOKEN = address + userTOKEN = identity } else { // TODO: decode url in code! - userBson, _ := e.db.lookupUserRecordByIndex(mode, address, e.conf) + userBson, _ := e.db.lookupUserRecordByIndex(mode, identity, e.conf) if userBson != nil { userTOKEN = userBson["token"].(string) event.Record = userTOKEN @@ -313,7 +313,7 @@ func (e mainEnv) getUserAgreements(w http.ResponseWriter, r *http.Request, ps ht if len(userTOKEN) > 0 { resultJSON, numRecords, err = e.db.listAgreementRecords(userTOKEN) } else { - resultJSON, numRecords, err = e.db.listAgreementRecordsByIdentity(address) + resultJSON, numRecords, err = e.db.listAgreementRecordsByIdentity(identity) } if err != nil { returnError(w, r, "internal error", 405, err, event) @@ -327,10 +327,10 @@ func (e mainEnv) getUserAgreements(w http.ResponseWriter, r *http.Request, ps ht } func (e mainEnv) getUserAgreement(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { - address := ps.ByName("address") + identity := ps.ByName("identity") brief := ps.ByName("brief") mode := ps.ByName("mode") - event := audit("privacy agreements for "+mode, address, mode, address) + event := audit("privacy agreements for "+mode, identity, mode, identity) defer func() { event.submit(e.db) }() if validateMode(mode) == false { @@ -352,10 +352,10 @@ func (e mainEnv) getUserAgreement(w http.ResponseWriter, r *http.Request, ps htt } userTOKEN := "" if mode == "token" { - if enforceUUID(w, address, event) == false { + if enforceUUID(w, identity, event) == false { return } - userBson, _ := e.db.lookupUserRecord(address) + userBson, _ := e.db.lookupUserRecord(identity) if userBson == nil { returnError(w, r, "internal error", 405, nil, event) return @@ -363,10 +363,10 @@ func (e mainEnv) getUserAgreement(w http.ResponseWriter, r *http.Request, ps htt if e.enforceAuth(w, r, event) == "" { return } - userTOKEN = address + userTOKEN = identity } else { // TODO: decode url in code! - userBson, _ := e.db.lookupUserRecordByIndex(mode, address, e.conf) + userBson, _ := e.db.lookupUserRecordByIndex(mode, identity, e.conf) if userBson != nil { userTOKEN = userBson["token"].(string) event.Record = userTOKEN @@ -404,10 +404,10 @@ func (e mainEnv) getUserAgreement(w http.ResponseWriter, r *http.Request, ps htt /* func (e mainEnv) consentUserRecord(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { - address := ps.ByName("address") + identity := ps.ByName("identity") brief := ps.ByName("brief") mode := ps.ByName("mode") - event := audit("consent record for "+brief, address, mode, address) + event := audit("consent record for "+brief, identity, mode, identity) defer func() { event.submit(e.db) }() if validateMode(mode) == false { @@ -419,15 +419,15 @@ func (e mainEnv) consentUserRecord(w http.ResponseWriter, r *http.Request, ps ht returnError(w, r, "bad brief format", 405, nil, event) return } - userTOKEN := address + userTOKEN := identity var userBson bson.M if mode == "token" { - if enforceUUID(w, address, event) == false { + if enforceUUID(w, identity, event) == false { return } - userBson, _ = e.db.lookupUserRecord(address) + userBson, _ = e.db.lookupUserRecord(identity) } else { - userBson, _ = e.db.lookupUserRecordByIndex(mode, address, e.conf) + userBson, _ = e.db.lookupUserRecordByIndex(mode, identity, e.conf) if userBson != nil { userTOKEN = userBson["token"].(string) event.Record = userTOKEN diff --git a/src/audit_db.go b/src/audit_db.go index 589af51..72a27af 100644 --- a/src/audit_db.go +++ b/src/audit_db.go @@ -28,14 +28,14 @@ type auditEvent struct { Atoken string `json:"atoken"` } -func audit(title string, record string, mode string, address string) *auditEvent { +func audit(title string, record string, mode string, identity string) *auditEvent { //fmt.Printf("/%s : %s\n", title, record) - return &auditEvent{Title: title, Mode: mode, Who: address, Record: record, Status: "ok", When: int32(time.Now().Unix())} + return &auditEvent{Title: title, Mode: mode, Who: identity, Record: record, Status: "ok", When: int32(time.Now().Unix())} } -func auditApp(title string, record string, app string, mode string, address string) *auditEvent { +func auditApp(title string, record string, app string, mode string, identity string) *auditEvent { //fmt.Printf("/%s : %s : %s\n", title, app, record) - return &auditEvent{Title: title, Mode: mode, Who: address, Record: record, Status: "ok", When: int32(time.Now().Unix())} + return &auditEvent{Title: title, Mode: mode, Who: identity, Record: record, Status: "ok", When: int32(time.Now().Unix())} } func (event auditEvent) submit(db *dbcon) { diff --git a/src/bunker.go b/src/bunker.go index 4ce202c..57915f3 100644 --- a/src/bunker.go +++ b/src/bunker.go @@ -186,18 +186,18 @@ func (e mainEnv) setupRouter() *httprouter.Router { router.GET("/v1/sys/backup", e.backupDB) router.POST("/v1/user", e.userNew) - router.GET("/v1/user/:mode/:address", e.userGet) - router.DELETE("/v1/user/:mode/:address", e.userDelete) - router.PUT("/v1/user/:mode/:address", e.userChange) + router.GET("/v1/user/:mode/:identity", e.userGet) + router.DELETE("/v1/user/:mode/:identity", e.userDelete) + router.PUT("/v1/user/:mode/:identity", e.userChange) - router.GET("/v1/prelogin/:mode/:address/:code/:captcha", e.userPrelogin) - router.GET("/v1/login/:mode/:address/:tmp", e.userLogin) + router.GET("/v1/prelogin/:mode/:identity/:code/:captcha", e.userPrelogin) + router.GET("/v1/login/:mode/:identity/:tmp", e.userLogin) router.GET("/v1/exp/retain/:exptoken", e.expRetainData) router.GET("/v1/exp/delete/:exptoken", e.expDeleteData) - router.GET("/v1/exp/status/:mode/:address", e.expGetStatus) - router.POST("/v1/exp/start/:mode/:address", e.expStart) - router.DELETE("/v1/exp/cancel/:mode/:address", e.expCancel) + router.GET("/v1/exp/status/:mode/:identity", e.expGetStatus) + router.POST("/v1/exp/start/:mode/:identity", e.expStart) + router.DELETE("/v1/exp/cancel/:mode/:identity", e.expCancel) router.POST("/v1/sharedrecord/token/:token", e.newSharedRecord) router.GET("/v1/get/:record", e.getRecord) @@ -205,7 +205,7 @@ func (e mainEnv) setupRouter() *httprouter.Router { router.GET("/v1/request/:request", e.getUserRequest) router.POST("/v1/request/:request", e.approveUserRequest) router.DELETE("/v1/request/:request", e.cancelUserRequest) - router.GET("/v1/requests/:mode/:address", e.getCustomUserRequests) + router.GET("/v1/requests/:mode/:identity", e.getCustomUserRequests) router.GET("/v1/requests", e.getUserRequests) router.GET("/v1/pactivity", e.pactivityList) @@ -218,14 +218,14 @@ func (e mainEnv) setupRouter() *httprouter.Router { router.POST("/v1/lbasis/:brief", e.createLegalBasis) router.DELETE("/v1/lbasis/:brief", e.deleteLegalBasis) - router.GET("/v1/agreement/:brief/:mode/:address", e.getUserAgreement) - router.POST("/v1/agreement/:brief/:mode/:address", e.agreementAccept) + router.GET("/v1/agreement/:brief/:mode/:identity", e.getUserAgreement) + router.POST("/v1/agreement/:brief/:mode/:identity", e.agreementAccept) router.DELETE("/v1/agreement/:brief", e.agreementRevokeAll) - router.DELETE("/v1/agreement/:brief/:mode/:address", e.agreementWithdraw) - router.GET("/v1/agreements/:mode/:address", e.getUserAgreements) + router.DELETE("/v1/agreement/:brief/:mode/:identity", e.agreementWithdraw) + router.GET("/v1/agreements/:mode/:identity", e.getUserAgreements) - //router.GET("/v1/consent/:mode/:address", e.consentAllUserRecords) - //router.GET("/v1/consent/:mode/:address/:brief", e.consentUserRecord) + //router.GET("/v1/consent/:mode/:identity", e.consentAllUserRecords) + //router.GET("/v1/consent/:mode/:identity/:brief", e.consentUserRecord) router.POST("/v1/userapp/token/:token/:appname", e.userappNew) router.GET("/v1/userapp/token/:token/:appname", e.userappGet) @@ -237,8 +237,8 @@ func (e mainEnv) setupRouter() *httprouter.Router { router.GET("/v1/session/:session", e.getSession) router.POST("/v1/session/:session", e.createSession) router.DELETE("/v1/session/:session", e.deleteSession) - //router.POST("/v1/sessions/:mode/:address", e.newUserSession) - router.GET("/v1/sessions/:mode/:address", e.getUserSessions) + //router.POST("/v1/sessions/:mode/:identity", e.newUserSession) + router.GET("/v1/sessions/:mode/:identity", e.getUserSessions) router.GET("/v1/metrics", e.metrics) diff --git a/src/consent_test.go b/src/consent_test.go index 78a170c..17ac459 100644 --- a/src/consent_test.go +++ b/src/consent_test.go @@ -8,29 +8,29 @@ import ( uuid "github.com/hashicorp/go-uuid" ) -func helpAcceptAgreement(mode string, address string, brief string, dataJSON string) (map[string]interface{}, error) { - url := "http://localhost:3000/v1/agreement/" + brief + "/" + mode + "/" + address +func helpAcceptAgreement(mode string, identity string, brief string, dataJSON string) (map[string]interface{}, error) { + url := "http://localhost:3000/v1/agreement/" + brief + "/" + mode + "/" + identity request := httptest.NewRequest("POST", url, strings.NewReader(dataJSON)) request.Header.Set("X-Bunker-Token", rootToken) return helpServe(request) } -func helpWithdrawAgreement(mode string, address string, brief string) (map[string]interface{}, error) { - url := "http://localhost:3000/v1/agreement/" + brief + "/" + mode + "/" + address +func helpWithdrawAgreement(mode string, identity string, brief string) (map[string]interface{}, error) { + url := "http://localhost:3000/v1/agreement/" + brief + "/" + mode + "/" + identity request := httptest.NewRequest("DELETE", url, nil) request.Header.Set("X-Bunker-Token", rootToken) return helpServe(request) } -func helpGetUserAgreement(mode string, address string, brief string) (map[string]interface{}, error) { - url := "http://localhost:3000/v1/agreement/" + brief + "/" + mode + "/" + address +func helpGetUserAgreement(mode string, identity string, brief string) (map[string]interface{}, error) { + url := "http://localhost:3000/v1/agreement/" + brief + "/" + mode + "/" + identity request := httptest.NewRequest("GET", url, nil) request.Header.Set("X-Bunker-Token", rootToken) return helpServe(request) } -func helpGetAllUserAgreements(mode string, address string) (map[string]interface{}, error) { - url := "http://localhost:3000/v1/agreements/" + mode + "/" + address +func helpGetAllUserAgreements(mode string, identity string) (map[string]interface{}, error) { + url := "http://localhost:3000/v1/agreements/" + mode + "/" + identity request := httptest.NewRequest("GET", url, nil) request.Header.Set("X-Bunker-Token", rootToken) return helpServe(request) diff --git a/src/email.go b/src/email.go index f5b091b..5f7efef 100644 --- a/src/email.go +++ b/src/email.go @@ -7,8 +7,8 @@ import ( "strings" ) -func sendCodeByEmail(code int32, address string, cfg Config) { - Dest := []string{address} +func sendCodeByEmail(code int32, identity string, cfg Config) { + Dest := []string{identity} Subject := "Access Code" bodyMessage := "Access code is " + strconv.Itoa(int((code))) msg := "From: " + cfg.SMTP.Sender + "\n" + diff --git a/src/expiration_api.go b/src/expiration_api.go index f069748..dbed21b 100644 --- a/src/expiration_api.go +++ b/src/expiration_api.go @@ -26,23 +26,23 @@ func (e mainEnv) expUsers() error { func (e mainEnv) expGetStatus(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { var err error - address := ps.ByName("address") + identity := ps.ByName("identity") mode := ps.ByName("mode") - event := audit("get expiration status by "+mode, address, mode, address) + event := audit("get expiration status by "+mode, identity, mode, identity) defer func() { event.submit(e.db) }() if validateMode(mode) == false { returnError(w, r, "bad mode", 405, nil, event) return } - userTOKEN := address + userTOKEN := identity var userBson bson.M if mode == "token" { - if enforceUUID(w, address, event) == false { + if enforceUUID(w, identity, event) == false { return } - userBson, err = e.db.lookupUserRecord(address) + userBson, err = e.db.lookupUserRecord(identity) } else { - userBson, err = e.db.lookupUserRecordByIndex(mode, address, e.conf) + userBson, err = e.db.lookupUserRecordByIndex(mode, identity, e.conf) if userBson != nil { userTOKEN = userBson["token"].(string) event.Record = userTOKEN @@ -64,23 +64,23 @@ func (e mainEnv) expGetStatus(w http.ResponseWriter, r *http.Request, ps httprou func (e mainEnv) expCancel(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { var err error - address := ps.ByName("address") + identity := ps.ByName("identity") mode := ps.ByName("mode") - event := audit("clear user expiration by "+mode, address, mode, address) + event := audit("clear user expiration by "+mode, identity, mode, identity) defer func() { event.submit(e.db) }() if validateMode(mode) == false { returnError(w, r, "bad mode", 405, nil, event) return } - userTOKEN := address + userTOKEN := identity var userBson bson.M if mode == "token" { - if enforceUUID(w, address, event) == false { + if enforceUUID(w, identity, event) == false { return } - userBson, err = e.db.lookupUserRecord(address) + userBson, err = e.db.lookupUserRecord(identity) } else { - userBson, err = e.db.lookupUserRecordByIndex(mode, address, e.conf) + userBson, err = e.db.lookupUserRecordByIndex(mode, identity, e.conf) if userBson != nil { userTOKEN = userBson["token"].(string) event.Record = userTOKEN @@ -103,14 +103,14 @@ func (e mainEnv) expCancel(w http.ResponseWriter, r *http.Request, ps httprouter } func (e mainEnv) expRetainData(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { - address := ps.ByName("exptoken") + identity := ps.ByName("exptoken") mode := "exptoken" - event := audit("retain user data by exptoken", address, mode, address) + event := audit("retain user data by exptoken", identity, mode, identity) defer func() { event.submit(e.db) }() - if enforceUUID(w, address, event) == false { + if enforceUUID(w, identity, event) == false { return } - userBson, err := e.db.lookupUserRecordByIndex(mode, address, e.conf) + userBson, err := e.db.lookupUserRecordByIndex(mode, identity, e.conf) if userBson == nil || err != nil { returnError(w, r, "internal error", 405, nil, event) return @@ -128,14 +128,14 @@ func (e mainEnv) expRetainData(w http.ResponseWriter, r *http.Request, ps httpro } func (e mainEnv) expDeleteData(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { - address := ps.ByName("exptoken") + identity := ps.ByName("exptoken") mode := "exptoken" - event := audit("delete user data by exptoken", address, mode, address) + event := audit("delete user data by exptoken", identity, mode, identity) defer func() { event.submit(e.db) }() - if enforceUUID(w, address, event) == false { + if enforceUUID(w, identity, event) == false { return } - resultJSON, userTOKEN, err := e.db.getUserJsonByIndex(address, mode, e.conf) + resultJSON, userTOKEN, err := e.db.getUserJsonByIndex(identity, mode, e.conf) if resultJSON == nil || err != nil { returnError(w, r, "internal error", 405, nil, event) return @@ -154,9 +154,9 @@ func (e mainEnv) expDeleteData(w http.ResponseWriter, r *http.Request, ps httpro func (e mainEnv) expStart(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { var err error - address := ps.ByName("address") + identity := ps.ByName("identity") mode := ps.ByName("mode") - event := audit("initiate user record expiration by "+mode, address, mode, address) + event := audit("initiate user record expiration by "+mode, identity, mode, identity) defer func() { event.submit(e.db) }() if validateMode(mode) == false { returnError(w, r, "bad mode", 405, nil, event) @@ -165,15 +165,15 @@ func (e mainEnv) expStart(w http.ResponseWriter, r *http.Request, ps httprouter. if e.enforceAdmin(w, r) == "" { return } - userTOKEN := address + userTOKEN := identity var userBson bson.M if mode == "token" { - if enforceUUID(w, address, event) == false { + if enforceUUID(w, identity, event) == false { return } - userBson, err = e.db.lookupUserRecord(address) + userBson, err = e.db.lookupUserRecord(identity) } else { - userBson, err = e.db.lookupUserRecordByIndex(mode, address, e.conf) + userBson, err = e.db.lookupUserRecordByIndex(mode, identity, e.conf) if userBson != nil { userTOKEN = userBson["token"].(string) event.Record = userTOKEN diff --git a/src/lbasis_api.go b/src/lbasis_api.go index 02aa543..8ce1318 100644 --- a/src/lbasis_api.go +++ b/src/lbasis_api.go @@ -71,7 +71,7 @@ func (e mainEnv) createLegalBasis(w http.ResponseWriter, r *http.Request, ps htt if len(userTOKEN) > 0 { notifyConsentChange(notifyURL, brief, status, "token", userTOKEN) } else { - notifyConsentChange(notifyURL, brief, status, mode, address) + notifyConsentChange(notifyURL, brief, status, mode, identity) } } */ diff --git a/src/notify.go b/src/notify.go index b505f6b..5a15e2c 100644 --- a/src/notify.go +++ b/src/notify.go @@ -11,47 +11,47 @@ import ( "github.com/securitybunker/databunker/src/autocontext" ) -func notifyBadLogin(notifyURL string, mode string, address string) { +func notifyBadLogin(notifyURL string, mode string, identity string) { if len(notifyURL) == 0 { return } - requestBody := fmt.Sprintf(`{"action":"%s","address":"%s","mode":"%s"}`, - "badlogin", address, mode) + requestBody := fmt.Sprintf(`{"action":"%s","identity":"%s","mode":"%s"}`, + "badlogin", identity, mode) host := autocontext.GetAuto("host") go notify(notifyURL, host, []byte(requestBody)) } -func notifyProfileNew(notifyURL string, profile []byte, mode string, address string) { +func notifyProfileNew(notifyURL string, profile []byte, mode string, identity string) { if len(notifyURL) == 0 { return } - requestBody := fmt.Sprintf(`{"action":"%s","address":"%s","mode":"%s","profile":%s}`, - "profilenew", address, mode, profile) + requestBody := fmt.Sprintf(`{"action":"%s","identity":"%s","mode":"%s","profile":%s}`, + "profilenew", identity, mode, profile) host := autocontext.GetAuto("host") go notify(notifyURL, host, []byte(requestBody)) } -func notifyProfileChange(notifyURL string, old []byte, profile []byte, mode string, address string) { +func notifyProfileChange(notifyURL string, old []byte, profile []byte, mode string, identity string) { if len(notifyURL) == 0 { return } - requestBody := fmt.Sprintf(`{"action":"%s","address":"%s","mode":"%s","old":%s,"profile":%s}`, - "profilechange", address, mode, old, profile) + requestBody := fmt.Sprintf(`{"action":"%s","identity":"%s","mode":"%s","old":%s,"profile":%s}`, + "profilechange", identity, mode, old, profile) host := autocontext.GetAuto("host") go notify(notifyURL, host, []byte(requestBody)) } -func notifyForgetMe(notifyURL string, profile []byte, mode string, address string) { +func notifyForgetMe(notifyURL string, profile []byte, mode string, identity string) { if len(notifyURL) == 0 { return } - requestBody := fmt.Sprintf(`{"action":"%s","address":"%s","mode":"%s","profile":%s}`, - "forgetme", address, mode, profile) + requestBody := fmt.Sprintf(`{"action":"%s","identity":"%s","mode":"%s","profile":%s}`, + "forgetme", identity, mode, profile) host := autocontext.GetAuto("host") go notify(notifyURL, host, []byte(requestBody)) } -func notifyConsentChange(notifyURL string, brief string, status string, mode string, address string) { +func notifyConsentChange(notifyURL string, brief string, status string, mode string, identity string) { if len(notifyURL) == 0 { return } @@ -60,7 +60,7 @@ func notifyConsentChange(notifyURL string, brief string, status string, mode str "brief": brief, "status": status, "mode": mode, - "address": address, + "identity": identity, }) host := autocontext.GetAuto("host") go notify(notifyURL, host, requestBody) diff --git a/src/requests_api.go b/src/requests_api.go index 2fb2b22..77bfc91 100644 --- a/src/requests_api.go +++ b/src/requests_api.go @@ -39,24 +39,24 @@ func (e mainEnv) getUserRequests(w http.ResponseWriter, r *http.Request, ps http } func (e mainEnv) getCustomUserRequests(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { - address := ps.ByName("address") + identity := ps.ByName("identity") mode := ps.ByName("mode") - event := audit("get user privacy requests", address, mode, address) + event := audit("get user privacy requests", identity, mode, identity) defer func() { event.submit(e.db) }() if validateMode(mode) == false { returnError(w, r, "bad mode", 405, nil, event) return } - userTOKEN := address + userTOKEN := identity var userBson bson.M if mode == "token" { - if enforceUUID(w, address, event) == false { + if enforceUUID(w, identity, event) == false { return } - userBson, _ = e.db.lookupUserRecord(address) + userBson, _ = e.db.lookupUserRecord(identity) } else { - userBson, _ = e.db.lookupUserRecordByIndex(mode, address, e.conf) + userBson, _ = e.db.lookupUserRecordByIndex(mode, identity, e.conf) if userBson != nil { userTOKEN = userBson["token"].(string) event.Record = userTOKEN diff --git a/src/sessions_api.go b/src/sessions_api.go index bcf8ce2..c2e6c2e 100644 --- a/src/sessions_api.go +++ b/src/sessions_api.go @@ -88,24 +88,24 @@ func (e mainEnv) deleteSession(w http.ResponseWriter, r *http.Request, ps httpro } func (e mainEnv) newUserSession(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { - address := ps.ByName("address") + identity := ps.ByName("identity") mode := ps.ByName("mode") - event := audit("create user session", address, mode, address) + event := audit("create user session", identity, mode, identity) defer func() { event.submit(e.db) }() if validateMode(mode) == false { returnError(w, r, "bad mode", 405, nil, event) return } - userTOKEN := address + userTOKEN := identity var userBson bson.M if mode == "token" { - if enforceUUID(w, address, event) == false { + if enforceUUID(w, identity, event) == false { return } - userBson, _ = e.db.lookupUserRecord(address) + userBson, _ = e.db.lookupUserRecord(identity) } else { - userBson, _ = e.db.lookupUserRecordByIndex(mode, address, e.conf) + userBson, _ = e.db.lookupUserRecordByIndex(mode, identity, e.conf) if userBson != nil { userTOKEN = userBson["token"].(string) event.Record = userTOKEN @@ -151,25 +151,25 @@ func (e mainEnv) newUserSession(w http.ResponseWriter, r *http.Request, ps httpr } func (e mainEnv) getUserSessions(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { - address := ps.ByName("address") + identity := ps.ByName("identity") mode := ps.ByName("mode") - event := audit("get all user sessions", address, mode, address) + event := audit("get all user sessions", identity, mode, identity) defer func() { event.submit(e.db) }() if validateMode(mode) == false { returnError(w, r, "bad mode", 405, nil, event) return } - userTOKEN := address + userTOKEN := identity var userBson bson.M if mode == "token" { - if enforceUUID(w, address, event) == false { + if enforceUUID(w, identity, event) == false { return } - userBson, _ = e.db.lookupUserRecord(address) + userBson, _ = e.db.lookupUserRecord(identity) } else { // TODO: decode url in code! - userBson, _ = e.db.lookupUserRecordByIndex(mode, address, e.conf) + userBson, _ = e.db.lookupUserRecordByIndex(mode, identity, e.conf) if userBson != nil { userTOKEN = userBson["token"].(string) event.Record = userTOKEN diff --git a/src/sessions_test.go b/src/sessions_test.go index fe8e644..178c606 100644 --- a/src/sessions_test.go +++ b/src/sessions_test.go @@ -23,8 +23,8 @@ func helpGetSession(recordTOKEN string) (map[string]interface{}, error) { return helpServe(request) } -func helpGetUserSessions(mode string, address string) (map[string]interface{}, error) { - url := "http://localhost:3000/v1/sessions/" + mode + "/" + address +func helpGetUserSessions(mode string, identity string) (map[string]interface{}, error) { + url := "http://localhost:3000/v1/sessions/" + mode + "/" + identity request := httptest.NewRequest("GET", url, nil) request.Header.Set("X-Bunker-Token", rootToken) return helpServe(request) diff --git a/src/sharedrecords_test.go b/src/sharedrecords_test.go index b976ea1..5446784 100644 --- a/src/sharedrecords_test.go +++ b/src/sharedrecords_test.go @@ -9,8 +9,8 @@ import ( uuid "github.com/hashicorp/go-uuid" ) -func helpCreateSharedRecord(mode string, address string, dataJSON string) (map[string]interface{}, error) { - url := "http://localhost:3000/v1/sharedrecord/" + mode + "/" + address +func helpCreateSharedRecord(mode string, identity string, dataJSON string) (map[string]interface{}, error) { + url := "http://localhost:3000/v1/sharedrecord/" + mode + "/" + identity request := httptest.NewRequest("POST", url, strings.NewReader(dataJSON)) request.Header.Set("X-Bunker-Token", rootToken) return helpServe(request) diff --git a/src/sms.go b/src/sms.go index 8f3c7d2..dfa07f4 100644 --- a/src/sms.go +++ b/src/sms.go @@ -9,20 +9,20 @@ import ( "strings" ) -func sendCodeByPhone(code int32, address string, cfg Config) { +func sendCodeByPhone(code int32, identity string, cfg Config) { domain := "https://api.twilio.com" client := &http.Client{} - sendCodeByPhoneDo(domain, client, code, address, cfg) + sendCodeByPhoneDo(domain, client, code, identity, cfg) } -func sendCodeByPhoneDo(domain string, client *http.Client, code int32, address string, cfg Config) { +func sendCodeByPhoneDo(domain string, client *http.Client, code int32, identity string, cfg Config) { if len(cfg.Sms.Url) == 0 { log.Printf("SMS gateway provider URL is missing") return } msg := "Databunker code " + strconv.Itoa(int(code)) finalUrl := cfg.Sms.Url - finalUrl = strings.ReplaceAll(finalUrl, "_PHONE_", url.QueryEscape(address)) + finalUrl = strings.ReplaceAll(finalUrl, "_PHONE_", url.QueryEscape(identity)) finalUrl = strings.ReplaceAll(finalUrl, "_FROM_", url.QueryEscape(cfg.Sms.From)) finalUrl = strings.ReplaceAll(finalUrl, "_TOKEN_", url.QueryEscape(cfg.Sms.Token)) finalUrl = strings.ReplaceAll(finalUrl, "_MSG_", url.QueryEscape(msg)) @@ -54,13 +54,13 @@ func sendCodeByPhoneDo(domain string, client *http.Client, code int32, address s if cType == "json" || cType == "application/json" { // no need to escape values when sending JSON body = strings.ReplaceAll(body, "_FROM_", cfg.Sms.From) - body = strings.ReplaceAll(body, "_PHONE_", address) + body = strings.ReplaceAll(body, "_PHONE_", identity) body = strings.ReplaceAll(body, "_TOKEN_", cfg.Sms.Token) body = strings.ReplaceAll(body, "_MSG_", msg) cType = "application/json" } else { body = strings.ReplaceAll(body, "_FROM_", url.QueryEscape(cfg.Sms.From)) - body = strings.ReplaceAll(body, "_PHONE_", url.QueryEscape(address)) + body = strings.ReplaceAll(body, "_PHONE_", url.QueryEscape(identity)) body = strings.ReplaceAll(body, "_TOKEN_", url.QueryEscape(cfg.Sms.Token)) body = strings.ReplaceAll(body, "_MSG_", url.QueryEscape(msg)) cType = "application/x-www-form-urlencoded" diff --git a/src/users_api.go b/src/users_api.go index 047d287..f83b4ab 100644 --- a/src/users_api.go +++ b/src/users_api.go @@ -118,9 +118,9 @@ func (e mainEnv) userNew(w http.ResponseWriter, r *http.Request, ps httprouter.P func (e mainEnv) userGet(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { var err error var resultJSON []byte - address := ps.ByName("address") + identity := ps.ByName("identity") mode := ps.ByName("mode") - event := audit("get user record by "+mode, address, mode, address) + event := audit("get user record by "+mode, identity, mode, identity) defer func() { event.submit(e.db) }() if validateMode(mode) == false { returnError(w, r, "bad mode", 405, nil, event) @@ -129,13 +129,13 @@ func (e mainEnv) userGet(w http.ResponseWriter, r *http.Request, ps httprouter.P userTOKEN := "" authResult := "" if mode == "token" { - if enforceUUID(w, address, event) == false { + if enforceUUID(w, identity, event) == false { return } - resultJSON, err = e.db.getUserJson(address) - userTOKEN = address + resultJSON, err = e.db.getUserJson(identity) + userTOKEN = identity } else { - resultJSON, userTOKEN, err = e.db.getUserJsonByIndex(address, mode, e.conf) + resultJSON, userTOKEN, err = e.db.getUserJsonByIndex(identity, mode, e.conf) event.Record = userTOKEN } if err != nil { @@ -159,9 +159,9 @@ func (e mainEnv) userGet(w http.ResponseWriter, r *http.Request, ps httprouter.P } func (e mainEnv) userChange(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { - address := ps.ByName("address") + identity := ps.ByName("identity") mode := ps.ByName("mode") - event := audit("change user record by "+mode, address, mode, address) + event := audit("change user record by "+mode, identity, mode, identity) defer func() { event.submit(e.db) }() if validateMode(mode) == false { @@ -183,13 +183,13 @@ func (e mainEnv) userChange(w http.ResponseWriter, r *http.Request, ps httproute var userJSON []byte var userBSON bson.M if mode == "token" { - if enforceUUID(w, address, event) == false { + if enforceUUID(w, identity, event) == false { return } - userTOKEN = address - userJSON, userBSON, err = e.db.getUser(address) + userTOKEN = identity + userJSON, userBSON, err = e.db.getUser(identity) } else { - userJSON, userTOKEN, userBSON, err = e.db.getUserByIndex(address, mode, e.conf) + userJSON, userTOKEN, userBSON, err = e.db.getUserByIndex(identity, mode, e.conf) event.Record = userTOKEN } if err != nil { @@ -242,9 +242,9 @@ func (e mainEnv) userChange(w http.ResponseWriter, r *http.Request, ps httproute // user forgetme request comes here func (e mainEnv) userDelete(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { - address := ps.ByName("address") + identity := ps.ByName("identity") mode := ps.ByName("mode") - event := audit("delete user record by "+mode, address, mode, address) + event := audit("delete user record by "+mode, identity, mode, identity) defer func() { event.submit(e.db) }() if validateMode(mode) == false { @@ -253,14 +253,14 @@ func (e mainEnv) userDelete(w http.ResponseWriter, r *http.Request, ps httproute } var err error var resultJSON []byte - userTOKEN := address + userTOKEN := identity if mode == "token" { - if enforceUUID(w, address, event) == false { + if enforceUUID(w, identity, event) == false { return } - resultJSON, err = e.db.getUserJson(address) + resultJSON, err = e.db.getUserJson(identity) } else { - resultJSON, userTOKEN, err = e.db.getUserJsonByIndex(address, mode, e.conf) + resultJSON, userTOKEN, err = e.db.getUserJsonByIndex(identity, mode, e.conf) event.Record = userTOKEN } if err != nil { @@ -307,9 +307,9 @@ func (e mainEnv) userDelete(w http.ResponseWriter, r *http.Request, ps httproute func (e mainEnv) userPrelogin(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { captcha := ps.ByName("captcha") code := ps.ByName("code") - address := ps.ByName("address") + identity := ps.ByName("identity") mode := ps.ByName("mode") - event := audit("user prelogin by "+mode, address, mode, address) + event := audit("user prelogin by "+mode, identity, mode, identity) defer func() { event.submit(e.db) }() code0, err := decryptCaptcha(captcha) @@ -323,7 +323,7 @@ func (e mainEnv) userPrelogin(w http.ResponseWriter, r *http.Request, ps httprou returnError(w, r, "bad mode", 405, nil, event) return } - userBson, err := e.db.lookupUserRecordByIndex(mode, address, e.conf) + userBson, err := e.db.lookupUserRecordByIndex(mode, identity, e.conf) if err != nil { returnError(w, r, "internal error", 405, err, event) return @@ -331,24 +331,23 @@ func (e mainEnv) userPrelogin(w http.ResponseWriter, r *http.Request, ps httprou if userBson != nil { userTOKEN := userBson["token"].(string) event.Record = userTOKEN - if address == "4444" || address == "test@securitybunker.io" { + if identity == "4444" || identity == "test@securitybunker.io" { // check if it is demo account. - // the address is always 4444 // no need to send any notifications e.db.generateDemoLoginCode(userTOKEN) } else { rnd := e.db.generateTempLoginCode(userTOKEN) if mode == "email" { - go sendCodeByEmail(rnd, address, e.conf) + go sendCodeByEmail(rnd, identity, e.conf) } else if mode == "phone" { - go sendCodeByPhone(rnd, address, e.conf) + go sendCodeByPhone(rnd, identity, e.conf) } } } else { if mode == "email" { //notifyURL := e.conf.Notification.NotificationURL - //notifyBadLogin(notifyURL, mode, address) - e.pluginUserLookup(address) + //notifyBadLogin(notifyURL, mode, identity) + e.pluginUserLookup(identity) returnError(w, r, "record not found", 405, errors.New("record not found"), event) return } @@ -361,9 +360,9 @@ func (e mainEnv) userPrelogin(w http.ResponseWriter, r *http.Request, ps httprou func (e mainEnv) userLogin(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { tmp := atoi(ps.ByName("tmp")) - address := ps.ByName("address") + identity := ps.ByName("identity") mode := ps.ByName("mode") - event := audit("user login by "+mode, address, mode, address) + event := audit("user login by "+mode, identity, mode, identity) defer func() { event.submit(e.db) }() if mode != "phone" && mode != "email" { @@ -371,7 +370,7 @@ func (e mainEnv) userLogin(w http.ResponseWriter, r *http.Request, ps httprouter return } - userBson, err := e.db.lookupUserRecordByIndex(mode, address, e.conf) + userBson, err := e.db.lookupUserRecordByIndex(mode, identity, e.conf) if userBson == nil || err != nil { returnError(w, r, "internal error", 405, err, event) return diff --git a/src/utils_test.go b/src/utils_test.go index 38bcf4f..68377a1 100644 --- a/src/utils_test.go +++ b/src/utils_test.go @@ -119,7 +119,7 @@ func TestUtilNotifyConsentChange(t *testing.T) { defer req.Body.Close() bodyBytes, _ := ioutil.ReadAll(req.Body) fmt.Printf("body: %s\n", string(bodyBytes)) - if string(bodyBytes) != `{"action":"consentchange","address":"user3@user3.com","brief":"brief","mode":"email","status":"no"}` { + if string(bodyBytes) != `{"action":"consentchange","identity":"user3@user3.com","brief":"brief","mode":"email","status":"no"}` { q <- fmt.Sprintf("bad request in notifyConsentChange: %s", string(bodyBytes)) } else { q <- "ok" @@ -142,7 +142,7 @@ func TestUtilNotifyProfileNew(t *testing.T) { defer req.Body.Close() bodyBytes, _ := ioutil.ReadAll(req.Body) fmt.Printf("body: %s\n", string(bodyBytes)) - if string(bodyBytes) != `{"action":"profilenew","address":"user3@user3.com","mode":"email","profile":{"name":"alex"}}` { + if string(bodyBytes) != `{"action":"profilenew","identity":"user3@user3.com","mode":"email","profile":{"name":"alex"}}` { q <- fmt.Sprintf("bad request in notifyConsentChange: %s", string(bodyBytes)) } else { q <- "ok" @@ -166,7 +166,7 @@ func TestUtilNotifyForgetMe(t *testing.T) { defer req.Body.Close() bodyBytes, _ := ioutil.ReadAll(req.Body) fmt.Printf("body: %s\n", string(bodyBytes)) - if string(bodyBytes) != `{"action":"forgetme","address":"user3@user3.com","mode":"email","profile":{"name":"alex"}}` { + if string(bodyBytes) != `{"action":"forgetme","identity":"user3@user3.com","mode":"email","profile":{"name":"alex"}}` { q <- fmt.Sprintf("bad request in notifyConsentChange: %s", string(bodyBytes)) } else { q <- "ok" @@ -190,7 +190,7 @@ func TestUtilNotifyProfileChange(t *testing.T) { defer req.Body.Close() bodyBytes, _ := ioutil.ReadAll(req.Body) fmt.Printf("body: %s\n", string(bodyBytes)) - if string(bodyBytes) != `{"action":"profilechange","address":"user3@user3.com","mode":"email","old":{"name":"alex2"},"profile":{"name":"alex3"}}` { + if string(bodyBytes) != `{"action":"profilechange","identity":"user3@user3.com","mode":"email","old":{"name":"alex2"},"profile":{"name":"alex3"}}` { q <- fmt.Sprintf("bad request in notifyConsentChange: %s", string(bodyBytes)) } else { q <- "ok" diff --git a/src/xtokens_test.go b/src/xtokens_test.go index 1c51737..10b1301 100644 --- a/src/xtokens_test.go +++ b/src/xtokens_test.go @@ -9,17 +9,17 @@ import ( uuid "github.com/hashicorp/go-uuid" ) -func helpUserPrelogin(mode string, address string) (map[string]interface{}, error) { +func helpUserPrelogin(mode string, identity string) (map[string]interface{}, error) { captcha, _ := generateCaptcha() code, _ := decryptCaptcha(captcha) - url := "http://localhost:3000/v1/prelogin/" + mode + "/" + address + "/" + code + "/" + captcha + url := "http://localhost:3000/v1/prelogin/" + mode + "/" + identity + "/" + code + "/" + captcha request := httptest.NewRequest("GET", url, nil) //request.Header.Set("X-Bunker-Token", rootToken) return helpServe(request) } -func helpUserLogin(mode string, address string, code string) (map[string]interface{}, error) { - url := "http://localhost:3000/v1/login/" + mode + "/" + address + "/" + code +func helpUserLogin(mode string, identity string, code string) (map[string]interface{}, error) { + url := "http://localhost:3000/v1/login/" + mode + "/" + identity + "/" + code request := httptest.NewRequest("GET", url, nil) //request.Header.Set("X-Bunker-Token", rootToken) return helpServe(request)